Search CVE reports
1 – 10 of 41209 results
Heap buffer overflow in AMQP login handshake via undersized connection.tune.frame_max
1 affected package
librabbitmq
| Package | 20.04 LTS |
|---|---|
| librabbitmq | Needs evaluation |
size_t underflow in AMQP frame length computation leads to out-of-bounds read in rabbitmq-c
1 affected package
librabbitmq
| Package | 20.04 LTS |
|---|---|
| librabbitmq | Needs evaluation |
(A heap buffer overflow flaw was found in 389 Directory Server. When se ...)
1 affected package
389-ds-base
| Package | 20.04 LTS |
|---|---|
| 389-ds-base | Needs evaluation |
[Unknown description]
1 affected package
389-ds-base
| Package | 20.04 LTS |
|---|---|
| 389-ds-base | Needs evaluation |
GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle. GD::Image::_make_filehandle opens a filename argument with Perl's 2-arg open(), so a...
1 affected package
libgd-perl
| Package | 20.04 LTS |
|---|---|
| libgd-perl | Needs evaluation |
kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker to freeze the client event loop by supplying an excessively large...
1 affected package
python-kafka
| Package | 20.04 LTS |
|---|---|
| python-kafka | Needs evaluation |
A local privilege escalation vulnerability was found in the ansible.posix authorized_key module. The module's keyfile() function uses os.chown() instead of os.lchown() and opens files without O_NOFOLLOW when managing...
2 affected packages
ansible, ansible-core
| Package | 20.04 LTS |
|---|---|
| ansible | Needs evaluation |
| ansible-core | — |
lldpd is an implementation of IEEE 802.1ab (LLDP). Prior to version 1.0.22, lldpd_decode() in src/daemon/lldpd.c strips 802.1Q VLAN tags from received Ethernet frames by calling memmove() to shift the frame payload 4 bytes left....
2 affected packages
lldpd, openvswitch
| Package | 20.04 LTS |
|---|---|
| lldpd | Needs evaluation |
| openvswitch | Needs evaluation |
SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary code by supplying a crafted database with...
2 affected packages
sqlite, sqlite3
| Package | 20.04 LTS |
|---|---|
| sqlite | Needs evaluation |
| sqlite3 | Needs evaluation |
SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database...
2 affected packages
sqlite, sqlite3
| Package | 20.04 LTS |
|---|---|
| sqlite | Needs evaluation |
| sqlite3 | Needs evaluation |